CVE-2020-1472 Netlogon Elevation of Privilege Vulnerability PoCs released

CVE-2020-1472 (rated 10.0 Critical), a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC), had additional technical details released yesterday from researchers. Within hours of the release, new Proof-of-Concepts (PoC) and exploits were published on GitHub.

Fortunately, Microsoft released a patch for this vulnerability in August that can be found here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

This vulnerability effects Windows Server versions from 2008-2019 and must be executed from a machine on the same Local Area Network as their target. Hypothetically, an attacker could utilize this to deploy ransomware throughout an organization and maintain persistent presence.

Nuspire highly recommends that administrators apply the patches from the above provided Microsoft advisory if not already applied as soon as possible within their organization.

You may unsubscribe by adjusting your profile settings within Trax.